How to Set up WordPress Two-Factor Authentication

dec 6, 2017

In this guide we are going to provide you with step-by-step instructions on how to set up two-factor authentication on a WordPress website, hosted onCentOS 7 VPS.There are many two-factor authentication WordPress plugins available in the WordPress.org plugin repository, but for the purpose of this tutorial, we will install and set up the Google Authenticator plugin for WordPress.

1. Update OS packages

Before starting with the installation procedure, update the server OS packages with the latest available packages by running the following commands:

sudo yum clean all
sudo yum update

2. Inštalácia PHP 7

CentOS 7 has PHP 5.4 installed by default. We can remove PHP 5.4 and install PHP 7.1 verzia. K tomu, check which PHP 5.4 packages are installed on the server and remove them:

Edit the PHP configuration file and add/modify the following settings (change the timezone according to your actual timezone):

memory_limit = 512M
date.timezone = US/Chicago

Restart the Apache service for the changes to take effect:

sudo systemctl restart httpd

Open http://yourdomain.com in your favorite web browser and follow the easy instructions to finish the WordPress installation.

6. Install Google Authenticator plugin

Log in to your WordPress dashboard and install the Google Authenticator plugin by clicking on the ‘Add New’ button from the Plugins menu, then activate it.

Go to Users -> your user (Admin) >> upraviť >> Google Authenticator Settings >> check ‘Active’ and ‘Relaxed mode’ >> Create new secret , write down the secret on a piece of paper and store it in a safe place. Potom, click on the ‘Show QR code’ button next to the ‘Create new secret’ button and scan the generated QR code with your phone.

Click on the ‘Update profile’ button at the bottom of the page for the changes to take effect.

7. Verify if the WordPress Two-Factor Authenticator is working

To test if the two-step authentication is set properly, log out from the WordPress back-end, open http://yourdomain.com/wp-admin and enter your username, password and Google Authenticator code.

To je všetko, your WordPress website is now using a two-factor authentication and it is a little more secure now.

If you use one of ourWordPress Hosting Services, you can simply ask our expert Linux admins to enable two-factor authentication on your WordPress site for you. They are available 24×7 and will take care of your request immediately.